Re: can't login with cf CLI but the UAAC tool works

kyle havlovitz <kylehav@...>

ok so the 'uaac token client get' fails, and the error is 'Bad credentials'

On Fri, Sep 4, 2015 at 3:33 PM, Filip Hanik <fhanik(a)> wrote:

ok, so we can validate that

uaac target http://localhost:8080
uaac token client get admin -s <your admin client secret>
uaac clients

Should show your 'cf' client in the list

then we can do

uaac token owner get cf <username> -s "" -p <user password>

and if that works, we can take it to the next step

On Fri, Sep 4, 2015 at 1:26 PM, kyle havlovitz <kylehav(a)> wrote:

I started the uaa by building from the tagged version in cf-release v215
and running it via tomcat with a custom config file, but I didn't specify a
database. I have both a cf and admin section in the uaa clients config:


id: cf
override: true
authorized-grant-types: password,implicit,refresh_token
authorities: uaa.none
secret: 'xxxxxxxxxx'


id: admin
authorized-grant-types: client_credentials
scope: read,write,password
resource-ids: clients
secret: 'xxxxxxxxxx'

On Fri, Sep 4, 2015 at 3:09 PM, Filip Hanik <fhanik(a)> wrote:

ok, so the URL you have is /oauth/token, that's fine. your trace returns


indicating that there is a misconfiguration somewhere, but we can fix
that later.

How did you start the UAA? Are you sure that your UAA has a client named
'cf' in its database?

On Fri, Sep 4, 2015 at 1:05 PM, kyle havlovitz <kylehav(a)>

Running that command against /uaa/oauth/token gives just a redirect to
/login. Doing it with /oauth/token gives a 401 unauthorized, same as the cf

What do you mean by deploy it as root "/"? As in, a override the url it
hosts the endpoints at?

Join to automatically receive all group messages.